Download Book
Related Links
On Demand, Easy-to-Use, Cost Effective PCI Compliance
QualysGuard® PCI Compliance (PCI) provides businesses, online merchants and Member Service Providers the easiest, most cost-effective and highly-automated way to achieve compliance with the Payment Card Industry Data Security Standard. Known as PCI DSS, the standard provides organizations the guidance they need to ensure that credit cardholder information is kept secure from possible security breaches. QualysGuard PCI draws upon the same highly accurate scanning infrastructure and technology as Qualys' flagship solution, QualysGuard - used by thousands of organizations around the world to protect their networks from the security vulnerabilities that make attacks against networks possible.
Qualys is an Approved Scanning Vendor (ASV)
Delivered as an on demand Web application, QualysGuard PCI is the most accurate, easiest to use tool for PCI compliance testing, reporting and submission. QualysGuard PCI enables merchants and Member Service Providers to promptly complete the PCI self-assessment questionnaire, and conduct network and web application security scans to efficiently identify and eliminate security vulnerabilities. The QualysGuard PCI "auto submission" feature completes the compliance process, allowing users to submit compliance status to one or multiple acquiring banks.
Features of QualysGuard PCI Compliance
-
- Achieve PCI Compliant Status and Secure Your Network
- Through QualysGuard PCI, achieving PCI compliance status becomes a streamlined process that also provides the assurance that your network is highly secure. The QualysGuard PCI web application walks you thru the PCI compliance process with its easy to follow step by step approach and compliance tips. Our user-friendly interface, coupled with online help and 24x7x365 email/telephone support ensures success in understanding and achieving PCI compliance. Qualys is an approved scanning vendor.
-
- Conveniently Complete the PCI "Self-Assessment Questionnaire" Online
- PCI DSS requires businesses to complete a PCI Self-Assessment Questionnaire (SAQ) every 12 months. The QualysGuard PCI supports SAQ v1.2 based on PCI DSS requirements. QualysGuard PCI makes it quick and painless to fill out and auto submit the questionnaire to acquiring banks.
-
- Quickly Eliminate Security Threats with Detailed Remediation Instructions
- PCI DSS also requires businesses to perform a network security scan every 90 days on all Internet facing networks and systems. To achieve compliance, businesses must identify and remediate all critical vulnerabilities detected during the scan. QualysGuard PCI automates and greatly simplifies this daunting process by providing easy-to-use reporting and identification of vulnerabilities that will cause you to fail PCI DSS. QualysGuard PCI draws upon the same highly accurate scanning infrastructure and technology as Qualys' flagship solution, QualysGuard. For each vulnerability discovered, QualysGuard PCI provides detailed instructions with links to verified patches, so that you can quickly eliminate each vulnerability.
-
- Auto-Submit Compliance Status Directly to Acquiring Bank
- Once you have met the validation actions the QualysGuard PCI "auto-submission" feature completes the compliance process, allowing users to submit compliance status directly to their acquiring banks. Entering your bank and merchant IDs in your "Account Settings" activates the auto-submission feature. You can also download PCI compliance reports in PDF to submit to your acquiring bank(s) or use to assist in remediation efforts.
-
- NEW: Secure Web Applications to Meet PCI 6.6 Requirements
-
PCI Requirement 6.6 now requires that organizations maintain secure web applications. The QualysGuard PCI Web Application Scanning module provides users an automated tool for evaluating web applications before and after development ensuring that applications are built and maintained in a secure way. The WAS module allows users to:
- Scan vulnerability types within any application (built or customized in-house, or purchased).
- Crawl web applications.
- Identify cross-site scripting vulnerabilities.
- Isolate SQL injection attacks.
- Conduct authenticated and unauthenticated scanning.
Benefits of QualysGuard PCI Compliance
- Easy-to-use, Step by Step Tool. With no installation or associated overhead, QualysGuard PCI enables merchants to attain compliance as quickly as possible. Using QualysGuard PCI's easy-to-use guided process, merchants and service providers find that in most cases they can secure their networks and reach compliance without costly outside assistance.
- Requires No Software to Deploy or Maintain. As an on demand solution, QualysGuard PCI doesn't require any software be deployed or maintained. Setup is completed within minutes through a secure Web connection from any browser. It's that simple.
- Comprehensive Results You Can Trust. Qualys is continuously improving the quality of its on demand solutions. Since QualysGuard PCI is delivered as a Web service, our engineering team continuously updates and enhances the accuracy of the service and vulnerability signatures, without requiring any software upgrades or manual updates. This dedication to accuracy and quality means that you won't be wasting time chasing false-positives, a common problem with software-based vulnerability scanners.
- Cost Efficient On Demand Solution. Since there is no infrastructure to deploy or software to configure, QualysGuard PCI eliminates the capital expenditures and labor costs associated with traditional software-based solutions. With QualysGuard PCI there are no hidden costs.
- Customer Service 24 Hours a Day, Every Day. Our dedicated staff of Security Engineers specializes in network security to assist customers quickly and effectively—24 hours a day, seven days a week by telephone, e-mail or the Web, so that your questions are answered quickly.
| Pricing and Subscription Options | |
|
|
| QualysGuard PCI is priced as a prepaid annual subscription based on the number of external IPs scanned. |
1 YEAR SUBSCRIPTION (EXTERNAL) |
| Maximum # of Questionnaires | Unlimited |
| Maximum # of Perimeter Scans | Unlimited |
| Maximum # of Users | Unlimited |
| Minimum # of IPs / WAS | 3 / 1 |
| Also Includes | |
|---|---|
| 24x7x365 Email/Telephone Customer & Technical Support |
|
| Web-based Training & Regional Certification Workshops |
|
| Attendance to All Qualys User Conferences & Seminars |
|
Pricing is based on the number of IP addresses. QualysGuard PCI Compliance is also available as part of the QualysGuard Security & Compliance SaaS Suite, which also includes:
- QualysGuard Vulnerability Management
- QualysGuard Policy Compliance
- QualysGuard Web Application Scanning
Contact sales for an immediate price quote, or sign up for a 14 Day Trial.
Customers and Awards
Performing over 150 million IP audits per year, QualysGuard is the widest deployed security on demand solution in the world. Qualys is selected by thousands of large and small organizations around the world. See customer success stories >
QualysGuard is overwhelmingly recognized as the leader in its space. QualysGuard has won awards ranging from Best Vulnerability Management Solution, Best Security Product, Best Security Company, Best Network Protection Service and much more. See award details >
